/**
 *                                                                            
 * Copyright (c) 2011, 2016 - Loetz GmbH&Co.KG (69115 Heidelberg, Germany)
 *                                                                            
 * All rights reserved. This program and the accompanying materials           
 * are made available under the terms of the Eclipse Public License v1.0       
 * which accompanies this distribution, and is available at                  
 * http://www.eclipse.org/legal/epl-v10.html                                 
 *                                                                            
 * Contributors:   
 * Christophe Loetz (Loetz GmbH&Co.KG) - initial implementation 
 */
package org.eclipse.osbp.authentication.shiro.extensionsimpl;

import java.util.Collection;
import java.util.Map;
import java.util.Set;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.eclipse.osbp.authentication.ServiceListener;
import org.eclipse.osbp.authentication.account.dtos.UserAccountDto;
import org.eclipse.osbp.authentication.shiro.extensions.IUserAccess;
import org.eclipse.osbp.preferences.ProductConfiguration;
import org.eclipse.osbp.ui.api.useraccess.AbstractPosition;
import org.eclipse.osbp.ui.api.useraccess.IOrganizationService;
import org.eclipse.osbp.ui.api.useraccess.IPermissionList;
import org.eclipse.osbp.ui.api.useraccess.IPosition;
import org.eclipse.osbp.ui.api.useraccess.ISubOrganization;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

// TODO: Auto-generated Javadoc
/**
 * The Class UserAccessAuthorizationRealm.
 * 
 * some useful hints upon integration vaadin / shiro
 * https://github.com/davidsowerby/krail/tree/master/src/main/java/uk/q3c
 * https://vaadin.com/forum/#!/thread/2009907/3349290
 * https://vaadin.com/forum#!/thread/8644145
 * http://mikepilone.blogspot.de/2013/07/vaadin-shiro-and-push.html
 * https://github.com/vaadin-kim/shiro-example
 */
public abstract class UserAccessAuthorizationRealm extends AuthorizingRealm implements IUserAccess {

	/** The Constant LOGGER. */
	private static final Logger LOGGER = LoggerFactory.getLogger(UserAccessAuthorizationRealm.class);

	/** The portal id. */
	private String portalId = "";

	// private static final Logger LOGGER =
	// LoggerFactory.getLogger(UserAccessAuthorizationRealm.class);

	/**
	 * Instantiates a new user access authorization realm.
	 */
	public UserAccessAuthorizationRealm() {
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#getAllUsers
	 * ()
	 */
	@Override
	public abstract Set<String> getAllUsers();

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * getAllUsersPositions()
	 */
	@Override
	public abstract Map<String, String> getAllUsersPositions();

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#findUserAccount
	 * (java.lang.String)
	 */
	@Override
	public abstract UserAccountDto findUserAccount(String username);

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * findUsersForPosition(java.lang.String)
	 */
	@Override
	public abstract Set<String> findUsersForPosition(String positionName);

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * findPositionForUser(java.lang.String)
	 */
	@Override
	public AbstractPosition findPositionForUser(String username) {
		UserAccountDto user = findUserAccount(username);
		if (user != null) {
			return findPositionForPositionName(user.getPosition());
		}
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * findPositionForPositionName(java.lang.String)
	 */
	@Override
	public AbstractPosition findPositionForPositionName(String positionName) {
		if (positionName != null) {
			// as positions in organization are not allowed to have spaces
			String pos = positionName.replace(" ", "_");
			for (IOrganizationService organizationService : ServiceListener.getOrganizationServices()) {
				String organizationID = ProductConfiguration.getAuthenticationOrganizationId();
				ISubOrganization organization = organizationService.getOrganization(organizationID);
				if (organization != null) {
					IPosition position = (organization != null) ? organization.getPosition(pos) : null;
					if (position != null && position instanceof AbstractPosition) {
						return (AbstractPosition) position;
					}
				}
			}
		}
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#findRolesForUser
	 * (java.lang.String)
	 */
	@Override
	public Collection<String> findRolesForUser(String username) {
		AbstractPosition position = findPositionForUser(username);
		if (position != null) {
			return position.getRoles();
		}
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * findPermissionsForUser(java.lang.String)
	 */
	@Override
	public IPermissionList findPermissionsForUser(String username) {
		AbstractPosition position = findPositionForUser(username);
		if (position != null) {
			return position.getPermissionList();
		}
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#getPortalId
	 * ()
	 */
	@Override
	public String getPortalId() {
		return portalId;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#setPortalId
	 * (java.lang.String)
	 */
	@Override
	public void setPortalId(String portalId) {
		this.portalId = portalId;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthorizingRealm#doGetAuthorizationInfo(org.apache
	 * .shiro.subject.PrincipalCollection)
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.apache.shiro.realm.AuthenticatingRealm#doGetAuthenticationInfo(org
	 * .apache.shiro.authc.AuthenticationToken)
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * checkUsernameUniqueness(java.lang.String)
	 */
	@Override
	public boolean checkUsernameExists(String username) {
		return getAllUsers().contains(username);
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.eclipse.osbp.authentication.shiro.extensions.IUserAccess#
	 * checkEmailUniqueness(java.lang.String)
	 */
	@Override
	public boolean checkEmailExists(String email) {
		return getAllEmails().contains(email);
	}
}